Re: Hard Drive keeps filling up
From: Birl (sbirl_at_temple.edu)
Date: 09/23/03
- Previous message: Muhammad Faisal Rauf Danka: "Re: External Pen Test / Manual Exploitation"
- In reply to: Harris Samuel W PORT: "Hard Drive keeps filling up"
- Next in thread: Joey Peloquin: "RE: Hard Drive keeps filling up"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 23 Sep 2003 12:06:55 -0400 (EDT) To: security-basics@securityfocus.com
As it was written on Sep 22, thus Harris Samuel W PORT typed:
[snip large amount of text. In a nutshell, a tmp file is eating up hard
drive space]
Download and execute FileMon from SysInternals.com
Configure FileMon to watch the partition on which the temp file is located
on.
Start FileMon running and see what process has that file open.
From there you check that program against a Windows rootkit checker.
Run 'strings' (if it exists on Windows, otherwise install Cygwin) against
the program and what interesting words appear in the binary.
Cant wait to see what you come up with.
HTH
Scott Birl http://concept.temple.edu/sysadmin/
Senior Systems Administrator Computer Services Temple University
====*====*====*====*====*====*====*====+====*====*====*====*====*====*====*====*
---------------------------------------------------------------------------
----------------------------------------------------------------------------
- Previous message: Muhammad Faisal Rauf Danka: "Re: External Pen Test / Manual Exploitation"
- In reply to: Harris Samuel W PORT: "Hard Drive keeps filling up"
- Next in thread: Joey Peloquin: "RE: Hard Drive keeps filling up"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
